New research has revealed that 95 per cent of chief information and chief information security officers in the UK admit they make compromises in how they protect the business against cyber threats and other disruptions.

Endpoint security specialist Tanium surveyed 500 people in those positions, finding that 35 per cent cited pressure to keep the lights on, while 31 per cent suggested they were restricted by legacy IT commitments.

And nearly a third (30 per cent) said that a focus on implementing new systems takes precedence over protecting existing business assets, and over a quarter (28 per cent) stressed that inconsistent and incomplete datasets were a key driver.

Additionally, 84 per cent said they had refrained from adopting an important security update or patch because they were worried about the impact on the wider business, with 41 per cent stating they had held off applying a patch on more than one occasion.

When security patches were deployed, sometimes there are gaps, as the study found that 83 per cent of respondents found a critical update they thought had been deployed, had not actually updated all devices, leaving the business exposed.

Tanium found that 28 per cent of respondents said that departments and business leaders work in silos.

“As leaders, CIOs and CISOs face multifaceted pressures across the business to remain resilient against disruption and cyber threats,” explained Matt Ellard, managing director at Tanium.

“They must maintain compliance with an evolving set of regulatory standards, track and secure sensitive data across computing devices, manage a dynamic inventory of physical and cloud-based assets, all while fulfilling an increasingly common executive mandate to make technology an enabler for business growth,” he stated.

“But in fragmented environments, where organisations use a range of point products for IT security and operations, there are regular compromises taking place among these priorities.”

Share Story: